<?php
function admin_is_page($page = '') {
	$current = get_page_info('id');
	
	return (is_array($page)) ? in_array($current, $page) : $current == $page;
}

function change_comment_status($id = null, $action = 'approve') {
	if (is_null($id) || (int)$id <= 0) return false;
	if ($action != 'approve' && $action != 'unapprove') return false;
	
	global $mysql;
	return $mysql->update(COMMENTS, array(
		'comment_status' => ($action == 'approve') ? 1 : 0
	), '`comment_id` = "'.escape($id).'"');
}

function delete_category($id = null) {
	if (is_array($id)) return !in_array(false, array_map('delete_category', $id), true);
	if (is_null($id) || (int)$id <= 1) return false;
	if (!valid_token($id)) return false;
	
	global $mysql;
	$posts = get_posts(array(
		'where' => 'FIND_IN_SET("'.$id.'", `post_category`)'
	));
	if ($posts->total > 0) {
		foreach($posts->items as $post) {
			$cats = array_diff(explode(',', $post->category), (array)$id);
			if (count($cats) < 0) $cats = (array)1;
			$mysql->update(POSTS, array('post_category' => implode(',', $cats)), '`post_id` = "'.$post->get_id().'"');
		}
	}
	unset($posts);
	
	return $mysql->delete(CATEGORIES, '`category_id` = "'.escape($id).'"');
}

function delete_comment($id = null) {
	if (is_array($id)) return !in_array(false, array_map('delete_comment', $id), true);
	if (is_null($id) || (int)$id <= 0) return false;
	if (!valid_token($id)) return false;
	
	global $mysql;
	return $mysql->delete(COMMENTS, '`comment_id` = "'.escape($id).'"');
}

function delete_page($id = null) {
	if (is_array($id)) return !in_array(false, array_map('delete_page', $id), true);
	if (is_null($id) || (int)$id <= 0) return false;
	if (!valid_token($id)) return false;
	
	global $mysql;
	return $mysql->delete(PAGES, '`page_id` = "'.escape($id).'"');
}

function delete_post($id = null) {
	if (is_array($id)) return !in_array(false, array_map('delete_post', $id), true);
	if (is_null($id) || (int)$id <= 0) return false;
	if (!valid_token($id)) return false;
	
	global $mysql;
	$mysql->delete(COMMENTS, '`comment_post_id` = "'.escape($id).'"', -1);
	return $mysql->delete(POSTS, '`post_id` = "'.escape($id).'"');
}

function delete_user($id = null) {
	if (is_array($id)) return !in_array(false, array_map('delete_user', $id), true);
	if (is_null($id) || (int)$id <= 1) return false;
	if (!valid_token($id)) return false;
	
	global $mysql;
	$mysql->update(POSTS, array('post_author' => 1), '`post_author` = "'.$id.'"', -1);
	
	return $mysql->delete(USERS, '`user_id` = "'.escape($id).'"');
}

function delete_upload($id = null) {
	if (is_array($id)) return !in_array(false, array_map('delete_upload', $id), true);
	if (is_null($id) || (int)$id <= 0) return false;
	if (!valid_token($id)) return false;
	
	global $mysql;
	$result = $mysql->query('SELECT `upload_url` FROM `'.UPLOADS.'` WHERE `upload_id` = "'.escape($id).'"');
	@unlink(ABSPATH.'uploads/'.mysql_result($result, 0));
	
	return $mysql->delete(UPLOADS, '`upload_id` = "'.escape($id).'"');
}

function valid_token($id) {
	$session = get_global($_SESSION, 'token');
	$token = get_global($_GET, 'token');
	
	return (!empty($session) && !empty($token) && $token == substr(md5($session.$id.SECRET), 0, 7));
}

function write_htaccess($pretty = false) {
	$fh = fopen(ABSPATH.'.htaccess', 'w');
	if (!$fh) return false;
	if ((bool)$pretty) {
		fputs($fh, 'RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule .* index.php [QSA]');
	} else {
		fputs($fh, '');
	}
	fclose($fh);
}
?>